| Message ID | 1459326136-10312-1-git-send-email-mario.six@gdsys.cc |
|---|---|
| State | Changes Requested |
| Delegated to: | Simon Glass |
| Headers | show |
Hi Mario, On 30 March 2016 at 02:22, Mario Six <mario.six@gdsys.cc> wrote: > uclass_first_device might return NULL for the device despite a zero > return code. Currently, this might lead to null pointer dereferencing, > since the returned device is not properly checked. > > Hence, always check if the device returned from uclass_first_device is > NULL and return -ENODEV if it is. > > Signed-off-by: Mario Six <mario.six@gdsys.cc> > --- > lib/tpm.c | 6 +++++- > 1 file changed, 5 insertions(+), 1 deletion(-) Thanks for the patch. But can you please use uclass_first_device_err()? Regards, Simon
Hi Simon, Quoting Simon Glass <sjg@chromium.org>: > Hi Mario, > > On 30 March 2016 at 02:22, Mario Six <mario.six@gdsys.cc> wrote: >> uclass_first_device might return NULL for the device despite a zero >> return code. Currently, this might lead to null pointer dereferencing, >> since the returned device is not properly checked. >> >> Hence, always check if the device returned from uclass_first_device is >> NULL and return -ENODEV if it is. >> >> Signed-off-by: Mario Six <mario.six@gdsys.cc> >> --- >> lib/tpm.c | 6 +++++- >> 1 file changed, 5 insertions(+), 1 deletion(-) > > Thanks for the patch. But can you please use uclass_first_device_err()? > > Regards, > Simon Yes, of course; sorry, I was not aware of uclass_first_device_err. That's a much nicer solution :-) I'll prepare a v2 shortly. Best regards, Mario
diff --git a/lib/tpm.c b/lib/tpm.c index f428d45..42aea0a 100644 --- a/lib/tpm.c +++ b/lib/tpm.c @@ -245,6 +245,8 @@ static uint32_t tpm_sendrecv_command(const void *command, ret = uclass_first_device(UCLASS_TPM, &dev); if (ret) return ret; + if (!dev) + return -ENODEV; err = tpm_xfer(dev, command, tpm_command_size(command), response, &response_length); @@ -262,8 +264,10 @@ int tpm_init(void) struct udevice *dev; err = uclass_first_device(UCLASS_TPM, &dev); - if (err || !dev) + if (err) return err; + if (!dev) + return -ENODEV; return tpm_open(dev); }
uclass_first_device might return NULL for the device despite a zero return code. Currently, this might lead to null pointer dereferencing, since the returned device is not properly checked. Hence, always check if the device returned from uclass_first_device is NULL and return -ENODEV if it is. Signed-off-by: Mario Six <mario.six@gdsys.cc> --- lib/tpm.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) -- 2.7.0.GIT